- libde265 (1.0.11-0+deb11u1+rpi1) bullseye-staging; urgency=medium
++libde265 (1.0.11-0+deb11u3+rpi1) bullseye-staging; urgency=medium
+
+ [changes brought forward from 1.0.2-1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 04 Oct 2015 21:44:10 +0000]
+ * Disable neon.
+
- -- Raspbian forward porter <root@raspbian.org> Sun, 12 Feb 2023 01:07:52 +0000
++ -- Raspbian forward porter <root@raspbian.org> Thu, 15 Feb 2024 21:06:55 +0000
++
+ libde265 (1.0.11-0+deb11u3) bullseye; urgency=high
+
+ * Non-maintainer upload by the LTS Team.
+ (Closes: #1059275)
+ * CVE-2023-49465
+ heap-buffer-overflow in derive_spatial_luma_vector_prediction()
+ * CVE-2023-49467
+ heap-buffer-overflow in derive_combined_bipredictive_merging_candidates()
+ * CVE-2023-49468
+ global buffer overflow in read_coding_unit()
+
+ -- Thorsten Alteholz <debian@alteholz.de> Fri, 29 Dec 2023 23:03:02 +0100
+
+ libde265 (1.0.11-0+deb11u2) bullseye; urgency=high
+
+ * Non-maintainer upload by the LTS Team.
+ * CVE-2023-27102 (Closes: #1033257)
+ fix segmentation violation in the
+ function decoder_context::process_slice_segment_header
+ * CVE-2023-27103
+ fix heap buffer overflow in the
+ function derive_collocated_motion_vectors
+ * CVE-2023-43887
+ fix buffer over-read in pic_parameter_set::dump
+ * CVE-2023-47471 (Closes: #1056187)
+ fix buffer overflow in the slice_segment_header function
+
+ -- Thorsten Alteholz <debian@alteholz.de> Sun, 26 Nov 2023 13:03:02 +0100
libde265 (1.0.11-0+deb11u1) bullseye-security; urgency=high
projects / libde265.git / commitdiff